DNS is the engine that makes the Internet work, converting recognizable names into IP addresses behind the scenes. Without DNS, the Internet as we know it would not exist. DNS tends to be a service that once configured, is often ignored. In today's world of ongoing and evolving cyberattacks, DNS is often overlooked as a means of both detecting and mitigating network compromise. This talk will examine ways to analyze DNS traffic for signs of malicious activity, discuss ways to filter and secure DNS as well as examine how DNS data can be used to quickly identify compromised devices. We will examine a variety of tools used to analyze and uncover some common DNS attacks and network compromise including NXLog, Logstash, Graylog, Kibana and Elasticsearch.

Jim is currently a Senior Systems Administrator at AppRiver, LLC. His team is responsible for global network deployments and manages the SecureSurf global DNS infrastructure and SecureTide global SPAM & Virus filtering infrastructure as well as all internal applications and manages network security for the entire company.
He served President and CEO of GridSouth Networks, LLC, a joint venture between Creative Data Concepts Limited Inc. and AppRiver, LLC. Jim is also the founder and President of Creative Data Concepts Limited, Inc., a well-known Web services provider that has been located in Pensacola, Florida since 1998.
Jim holds a Bachelor of Science degree with a major in biology from Ursinus College and a Master of Science degree with a major in microbiology and biochemistry from the University of Alabama.